Physical vulnerabilities
Physical vulnerabilities include any weak links between the outside and the server equipment within the facility belonging to the customer. Vulnerabilities can mean the existence of the threats mentioned in the previous section, most notably weak authentication and questionable personnel.
Vulnerability such as a poor location or inadequate power grid should be immediately remediated by moving equipment to another facility without said vulnerabilities. Additional vulnerabilities that need to be considered include any aspect of the facility that will lend itself to a single point of failure, including the lack of redundant power or redundant Internet connections. Commercial datacenters are usually happy to showcase their redundancy.
As with all the threats and vulnerabilities mentioned in the previous sections, a detailed plan and checklist should be used when evaluating the design and implementation of each of these parts that make up a secure infrastructure. Adequate disaster recovery planning is also key as well as ensuring data security during a disaster. Confirm that should a disaster occur, the data will be secure at the disaster recovery website or websites.
